Interactive Connectivity Establishment
Encyclopedia
Interactive Connectivity Establishment (ICE) is a technique used in computer networking involving network address translators (NATs) in Internet
applications of Voice over Internet Protocol (VoIP), peer-to-peer
communications, video, instant messaging
and other interactive media. In such applications, NAT traversal
is an important component to facilitate communications involving hosts on private network
installations, often located behind firewalls.
ICE is developed by the Internet Engineering Task Force
MMUSIC working group and is published as RFC 5245, which has obsoleted RFC 4091.
which might block VoIP traffic completely. ICE provides a framework for dealing with these problems.
STUN
is a client server protocol that will return the public IP to a client together with information from which the client can infer the type of NAT that it is sitting behind while Traversal Using Relay NAT
(TURN) will place a third party server to relay messages between two clients where peer to peer media traffic is not allowed by a firewall.
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
applications of Voice over Internet Protocol (VoIP), peer-to-peer
Peer-to-peer
Peer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
communications, video, instant messaging
Instant messaging
Instant Messaging is a form of real-time direct text-based chatting communication in push mode between two or more people using personal computers or other devices, along with shared clients. The user's text is conveyed over a network, such as the Internet...
and other interactive media. In such applications, NAT traversal
NAT traversal
NAT traversal is a general term for techniques that establish and maintain Internet protocol connections traversing network address translation gateways. Network address translation breaks end-to-end connectivity. Intercepting and modifying traffic can only be performed transparently in the...
is an important component to facilitate communications involving hosts on private network
Private network
In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks , when globally routable addresses are not...
installations, often located behind firewalls.
ICE is developed by the Internet Engineering Task Force
Internet Engineering Task Force
The Internet Engineering Task Force develops and promotes Internet standards, cooperating closely with the W3C and ISO/IEC standards bodies and dealing in particular with standards of the TCP/IP and Internet protocol suite...
MMUSIC working group and is published as RFC 5245, which has obsoleted RFC 4091.
Overview
As the number of IPv4 addresses are limited to their 32-bit representation, not every network enabled device can have a unique public IP with which to be visible on the Internet. Network Address Translators (NAT) work by changing a private address into a public one when an outbound request passes through them. As clients establish TCP connections through SYN packets, the NAT updates an internal table with each entry creating a mapping between an internal, private IP to a public one. Many applications run into problems when put in this situation with one example being VoIP traffic where a client needs to register with a unique address to a SIP proxy. Another problem relates to firewallsFirewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
which might block VoIP traffic completely. ICE provides a framework for dealing with these problems.
STUN
STUN
STUN is a standardized set of methods, including a network protocol, used in NAT traversal for applications of real-time voice, video, messaging, and other interactive IP communications....
is a client server protocol that will return the public IP to a client together with information from which the client can infer the type of NAT that it is sitting behind while Traversal Using Relay NAT
Traversal Using Relay NAT
Traversal Using Relays around NAT is a protocol that allows for an element behind a Network address translator or firewall to receive incoming data over TCP or UDP connections. It is most useful for elements behind symmetric NATs or firewalls that wish to be on the receiving end of a connection...
(TURN) will place a third party server to relay messages between two clients where peer to peer media traffic is not allowed by a firewall.
IETF Specifications
- RFC 5389: Session Traversal Utilities for NAT (STUN).
- RFC 5766: Traversal Using Relays around NAT (TURN): Relay Extensions to STUN.
- RFC 5245: Interactive Connectivity Establishment (ICE): A Protocol for NAT Traversal for Offer/Answer Protocols.
See also
- Traversal Using Relay NATTraversal Using Relay NATTraversal Using Relays around NAT is a protocol that allows for an element behind a Network address translator or firewall to receive incoming data over TCP or UDP connections. It is most useful for elements behind symmetric NATs or firewalls that wish to be on the receiving end of a connection...
(TURN) - Realm-Specific IPRealm-Specific IPRealm-Specific IP is an Experimental IETF framework and protocol intended as an alternative to NAT in which the end-to-end integrity of packets is maintained.RSIP lets an RSIP host borrow one or more IP address from one or more RSIP gateway....
(RSIP) - MiddleboxMiddleboxA middlebox is a device in the Internet thatprovides transport policy enforcement. Examples of these devicesinclude firewalls, network address translators , signature management for intrusion detection...
Middlebox Communications (MIDCOM) - SOCKSSOCKSSOCKS is an Internet protocol that routes network packets between a client and server through a proxy server. SOCKS5 additionally provides authentication so only authorized users may access a server...
- Session Traversal Utilities for NAT (STUN)
- Universal Plug and PlayUniversal Plug and PlayUniversal Plug and Play is a set of networking protocols for primarily residential networks without enterprise class devices that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other's presence...
(UPnP) - NAT Port Mapping ProtocolNAT Port Mapping ProtocolNAT Port Mapping Protocol is an Internet Engineering Task Force Internet Draft, introduced by Apple Computer as an alternative to the more common Internet Gateway Device Standardized Device Control Protocol implemented in many network address translation routers. It was introduced in June 2005...
(NAT-PMP)